2023-03-15 16:00:52 +00:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
|
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
|
2022-04-27 23:35:18 +00:00
|
|
|
package api
|
|
|
|
|
|
|
|
import "testing"
|
|
|
|
|
|
|
|
func TestIsSudoPath(t *testing.T) {
|
|
|
|
t.Parallel()
|
|
|
|
|
|
|
|
testCases := []struct {
|
|
|
|
path string
|
|
|
|
expected bool
|
|
|
|
}{
|
2023-07-06 20:01:33 +00:00
|
|
|
// Testing: Not a real endpoint
|
2022-04-27 23:35:18 +00:00
|
|
|
{
|
|
|
|
"/not/in/sudo/paths/list",
|
|
|
|
false,
|
|
|
|
},
|
2023-07-06 20:01:33 +00:00
|
|
|
// Testing: sys/raw/{path}
|
2022-04-27 23:35:18 +00:00
|
|
|
{
|
|
|
|
"/sys/raw/single-node-path",
|
|
|
|
true,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"/sys/raw/multiple/nodes/path",
|
|
|
|
true,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"/sys/raw/WEIRD(but_still_valid!)p4Th?🗿笑",
|
|
|
|
true,
|
|
|
|
},
|
2023-07-06 20:01:33 +00:00
|
|
|
// Testing: sys/auth/{path}/tune
|
2022-04-27 23:35:18 +00:00
|
|
|
{
|
|
|
|
"/sys/auth/path/in/middle/tune",
|
|
|
|
true,
|
|
|
|
},
|
2023-07-06 20:01:33 +00:00
|
|
|
// Testing: sys/plugins/catalog/{type} and sys/plugins/catalog/{name} (regexes overlap)
|
2022-04-27 23:35:18 +00:00
|
|
|
{
|
|
|
|
"/sys/plugins/catalog/some-type",
|
|
|
|
true,
|
|
|
|
},
|
2023-07-06 20:01:33 +00:00
|
|
|
// Testing: Not a real endpoint
|
2022-04-27 23:35:18 +00:00
|
|
|
{
|
|
|
|
"/sys/plugins/catalog/some/type/or/name/with/slashes",
|
|
|
|
false,
|
|
|
|
},
|
2023-07-06 20:01:33 +00:00
|
|
|
// Testing: sys/plugins/catalog/{type}/{name}
|
2022-04-27 23:35:18 +00:00
|
|
|
{
|
|
|
|
"/sys/plugins/catalog/some-type/some-name",
|
|
|
|
true,
|
|
|
|
},
|
2023-07-06 20:01:33 +00:00
|
|
|
// Testing: Not a real endpoint
|
2022-04-27 23:35:18 +00:00
|
|
|
{
|
|
|
|
"/sys/plugins/catalog/some-type/some/name/with/slashes",
|
|
|
|
false,
|
|
|
|
},
|
2023-07-06 20:01:33 +00:00
|
|
|
// Testing: auth/token/accessors (an example of a sudo path that only accepts list operations)
|
|
|
|
// It is matched as sudo without the trailing slash...
|
|
|
|
{
|
|
|
|
"/auth/token/accessors",
|
|
|
|
true,
|
|
|
|
},
|
|
|
|
// ...and also with it.
|
|
|
|
// (Although at the time of writing, the only caller of IsSudoPath always removes trailing slashes.)
|
|
|
|
{
|
|
|
|
"/auth/token/accessors/",
|
|
|
|
true,
|
|
|
|
},
|
2022-04-27 23:35:18 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
for _, tc := range testCases {
|
|
|
|
result := IsSudoPath(tc.path)
|
|
|
|
if result != tc.expected {
|
|
|
|
t.Fatalf("expected api.IsSudoPath to return %v for path %s but it returned %v", tc.expected, tc.path, result)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|